Gary V wrote:
Finally I reply to this thread...
While the system runs unloaded (no swapping) with 10 concurrent
amavisd-new process (ClamAV+SA with DNS tests), in the last days it
takes more than 15 seconds to process a message. There's been an
increase of about 70-80% in processing times in the last couple of
weeks. Without DNS tests messages pass through in less than 0.4s.
Amavisd-new does not 'by itself' query RBLs. This is done by
[...]
By 'local DNS' are you referring to a DNS server on your network or on
the box itself? I ask because often a local (on the same box) caching DNS
server provides benefit.
I originally referred to our organization's DNS.
su vscan -c 'spamassassin -tD< email.txt >/var/amavis/0.log 2>&1 &'
According to the output of this command and past days' rules hit I
disabled many network tests:
score RCVD_IN_BONDEDSENDER 0
score RCVD_IN_SBL 0
score RCVD_IN_XBL 0
score RCVD_IN_BL_SPAMCOP_NET 0
score URIBL_SBL 0
score DNS_FROM_SECURITYSAGE 0
# ahbl
score DNS_FROM_AHBL_RHSBL 0
# completewhois.com
score RCVD_IN_WHOIS_BOGONS 0
score RCVD_IN_WHOIS_HIJACKED 0
score RCVD_IN_WHOIS_INVALID 0
# NJABL
score RCVD_IN_NJABL_RELAY 0
score RCVD_IN_NJABL_DUL 0
score RCVD_IN_NJABL_SPAM 0
score RCVD_IN_NJABL_MULTI 0
score RCVD_IN_NJABL_CGI 0
score RCVD_IN_NJABL_PROXY 0
# SORBS
score RCVD_IN_SORBS_HTTP 0
score RCVD_IN_SORBS_SOCKS 0
score RCVD_IN_SORBS_MISC 0
score RCVD_IN_SORBS_SMTP 0
score RCVD_IN_SORBS_WEB 0
score RCVD_IN_SORBS_BLOCK 0
score RCVD_IN_SORBS_ZOMBIE 0
score RCVD_IN_SORBS_DUL 0
# HABEAS
score HABEAS_ACCREDITED_COI 0
score HABEAS_ACCREDITED_SOI 0
score HABEAS_CHECKED 0
I should only have SURBL enabled by now.
I also added a DNS cache (BIND9) local to the amavis gateway, but
probably not configured at its best (I'm no DNS master...).
That said timings changed from:
Seconds per Mail: 9.83
Seconds per Blocked Spam: 15.73
to:
Seconds per Mail: 3.54
Seconds per Blocked Spam: 6.65
The box is a dual Xeon 3G2 with 2GB RAM hosting amavisd-new + ClamAV +
SA3.1 + mysql + BIND9. It does not swap-out even under heavy loads. When
all 10 amavisd-new children are active they do not clog the CPU but
spend most of the time waiting for DNS replies.
With all those network tests disabled, the average spam score has
decreased, but I'd not date to say that we had more false negatives.
HTHSomeone,
Paolo
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc. Get Certified Today
Register for a JBoss Training Course. Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
